# Defining the host is optional and defaults to {{{basePath}}}
# See configuration.py for a list of all supported configuration parameters.
configuration = {{{packageName}}}.Configuration(
    host = "{{{basePath}}}"
)

{{#hasAuthMethods}}
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
{{#authMethods}}
{{#isBasic}}
{{#isBasicBasic}}

# Configure HTTP basic authorization: {{{name}}}
configuration = {{{packageName}}}.Configuration(
    username = os.environ["USERNAME"],
    password = os.environ["PASSWORD"]
)
{{/isBasicBasic}}
{{#isBasicBearer}}

# Configure Bearer authorization{{#bearerFormat}} ({{{.}}}){{/bearerFormat}}: {{{name}}}
configuration = {{{packageName}}}.Configuration(
    access_token = os.environ["BEARER_TOKEN"]
)
{{/isBasicBearer}}
{{#isHttpSignature}}

# Configure HTTP message signature: {{{name}}}
# The HTTP Signature Header mechanism that can be used by a client to
# authenticate the sender of a message and ensure that particular headers
# have not been modified in transit.
#
# You can specify the signing key-id, private key path, signing scheme,
# signing algorithm, list of signed headers and signature max validity.
# The 'key_id' parameter is an opaque string that the API server can use
# to lookup the client and validate the signature.
# The 'private_key_path' parameter should be the path to a file that
# contains a DER or base-64 encoded private key.
# The 'private_key_passphrase' parameter is optional. Set the passphrase
# if the private key is encrypted.
# The 'signed_headers' parameter is used to specify the list of
# HTTP headers included when generating the signature for the message.
# You can specify HTTP headers that you want to protect with a cryptographic
# signature. Note that proxies may add, modify or remove HTTP headers
# for legitimate reasons, so you should only add headers that you know
# will not be modified. For example, if you want to protect the HTTP request
# body, you can specify the Digest header. In that case, the client calculates
# the digest of the HTTP request body and includes the digest in the message
# signature.
# The 'signature_max_validity' parameter is optional. It is configured as a
# duration to express when the signature ceases to be valid. The client calculates
# the expiration date every time it generates the cryptographic signature
# of an HTTP request. The API server may have its own security policy
# that controls the maximum validity of the signature. The client max validity
# must be lower than the server max validity.
# The time on the client and server must be synchronized, otherwise the
# server may reject the client signature.
#
# The client must use a combination of private key, signing scheme,
# signing algorithm and hash algorithm that matches the security policy of
# the API server.
#
# See {{{packageName}}}.signing for a list of all supported parameters.
from {{{packageName}}} import signing
import datetime

configuration = {{{packageName}}}.Configuration(
    host = "{{{basePath}}}",
    signing_info = {{{packageName}}}.HttpSigningConfiguration(
        key_id = 'my-key-id',
        private_key_path = 'private_key.pem',
        private_key_passphrase = 'YOUR_PASSPHRASE',
        signing_scheme = {{{packageName}}}.signing.SCHEME_HS2019,
        signing_algorithm = {{{packageName}}}.signing.ALGORITHM_ECDSA_MODE_FIPS_186_3,
        hash_algorithm = {{{packageName}}}.signing.SCHEME_RSA_SHA256,
        signed_headers = [
                            {{{packageName}}}.signing.HEADER_REQUEST_TARGET,
                            {{{packageName}}}.signing.HEADER_CREATED,
                            {{{packageName}}}.signing.HEADER_EXPIRES,
                            {{{packageName}}}.signing.HEADER_HOST,
                            {{{packageName}}}.signing.HEADER_DATE,
                            {{{packageName}}}.signing.HEADER_DIGEST,
                            'Content-Type',
                            'Content-Length',
                            'User-Agent'
                         ],
        signature_max_validity = datetime.timedelta(minutes=5)
    )
)
{{/isHttpSignature}}
{{/isBasic}}
{{#isApiKey}}

# Configure API key authorization: {{{name}}}
configuration.api_key['{{{name}}}'] = os.environ["API_KEY"]

# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['{{name}}'] = 'Bearer'
{{/isApiKey}}
{{#isOAuth}}

configuration.access_token = os.environ["ACCESS_TOKEN"]
{{/isOAuth}}
{{/authMethods}}
{{/hasAuthMethods}}
